Posted by Galadrial on August 27, 2007, 7:08 am
Thanks Jim, getting clearer. To summarise, if the certificate is issued by
the website themselves then be very sure before installing. Just not clear
what, if anything, I am missing out on by not installing - whether a self
certificate I decide to trust or one issued by a known and trusted authority
(Verisign in GRC's case)? I have no problem with GRC's site, the
certificate looks fine and I'm not getting any warnings.
> On Sun, 26 Aug 2007 12:09:23 GMT, "Galadrial"
>
>>I know little about security certificates but am following advice to check
>>the details when using an HTTPS site. Can anyone tell me what the Install
>>Certificate option is when I check, for instance GRC's certificate?
>>
>>Thanks for your time
>
> I think Certificates on a web server have three uses
>
> 1. To show that the site is genuine
> 2. To encrypt the session
> 3. To generate an income for the certificate authority (CA)
>
> Because the CA takes reasonable care not to issue, for
> example a certificate saying 'Microsoft' to joe hacker
> then it establishes trust that you really are dealing
> with say, Microsoft.
>
> If you can trust that the site you are using really
> is genuine, and it happens to be someone who has generated
> his own certificate, because they know how and wish to
> avoid paying a CA, then it's OK to add it to your browser.
>
> The CA root certificates get added automatically by the
> browser authors, but obviously they do not cater for people
> who 'roll their own' so there is the provision to add them
> yourself, under caution.
>
> For a serious e-commerce website, it's a false economy to
> do this, although I do know a large bank who use the wrong
> certificate on their electronic banking site. For a small
> e-commerce site, like GRC's, it's reasonable.
>
> You either trust him or you don't. I use SpinRite and
> it's saved my arse, and he did pick up on the 'real downloader'
> spyware issue rather well when I mentioned it to him, so I
> think he is OK, Sebastian seems to be of the other view.
>
> Not that it matters much.
> --
> Jim Watt
> http://www.gibnet.com
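
The trust decision discussed in this thread, as an added example that is not part of any poster's message: it checks whether a certificate is self-issued, compares its fingerprint with one obtained over a separate channel, and shows that "installing" only means adding it to the set of trusted anchors. It assumes the `openssl` command-line tool is available; the `*.test` names, file paths and function names are hypothetical.

```shell
#!/bin/sh
# Added example: vet a self-issued certificate before trusting it.
# All certificates are constructed locally; the *.test names are placeholders.

# Create a throwaway self-signed certificate for CN=$1 at path $2.
make_selfsigned() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
        -keyout "$2.key" -out "$2" 2>/dev/null
}

# "self-signed" when issuer and subject names match, otherwise "ca-issued".
cert_kind() {
    subj=$(openssl x509 -in "$1" -noout -subject | sed 's/^subject= *//')
    issr=$(openssl x509 -in "$1" -noout -issuer | sed 's/^issuer= *//')
    if [ "$subj" = "$issr" ]; then echo self-signed; else echo ca-issued; fi
}

# SHA-256 fingerprint as lowercase hex without colons.
cert_fp() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 |
        sed 's/^.*=//' | tr -d ':' | tr 'A-F' 'a-f'
}

# Succeeds only if certificate $1 chains to an anchor in trust file $2.
trusted_by() {
    openssl verify -CAfile "$2" "$1" >/dev/null 2>&1
}

# Print "install" only when $1 matches the fingerprint $2 that the site
# owner supplied over a separate channel; otherwise print "reject".
vet() {
    if [ "$(cert_fp "$1")" = "$2" ]; then echo install; else echo reject; fi
}

DEMO=$(mktemp -d)
make_selfsigned site.test "$DEMO/site.pem"    # the site's own certificate
make_selfsigned other.test "$DEMO/store.pem"  # stands in for the CA bundle
GOOD_FP=$(cert_fp "$DEMO/site.pem")           # pretend this came by phone

echo "kind:           $(cert_kind "$DEMO/site.pem")"
trusted_by "$DEMO/site.pem" "$DEMO/store.pem" || echo "before install: untrusted"
echo "wrong print:    $(vet "$DEMO/site.pem" 00ff)"
if [ "$(vet "$DEMO/site.pem" "$GOOD_FP")" = install ]; then
    cat "$DEMO/site.pem" >> "$DEMO/store.pem"  # the 'Install Certificate' step
fi
trusted_by "$DEMO/site.pem" "$DEMO/store.pem" && echo "after install:  trusted"
```

A certificate issued by a CA already in the store passes `trusted_by` with no install step, which is why a site with a CA-issued certificate produces no warning and needs nothing installed.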